This repository demonstrates using GitHub's artifact attestations feature with Kyverno image verification rules.

See the workflow.
Run this program to manually check the attestation:

```sh
cd verify
go run verify.go --image ghcr.io/nirmata/github-signing-demo:latest --predicate-type "https://slsa.dev/provenance/v1" --subject "https://github.com/nirmata/github-signing-demo/.github/workflows/build-attested-image.yaml@refs/heads/main"
cd ..
```
You can also use the GitHub CLI:

```sh
gh attestation verify oci://ghcr.io/nirmata/github-signing-demo:latest --repo nirmata/github-signing-demo
```
This should show output similar to:

```
Loaded digest sha256:79c29305a38c0c92657d72c0d14e0521227d02f0fc55eaa9fcc5c7f997efa944 for oci://ghcr.io/nirmata/github-signing-demo:latest
Loaded 1 attestation from GitHub API
✓ Verification succeeded!

sha256:79c29305a38c0c92657d72c0d14e0521227d02f0fc55eaa9fcc5c7f997efa944 was attested by:
REPO                         PREDICATE_TYPE                    WORKFLOW
nirmata/github-signing-demo  https://slsa.dev/provenance/v1    .github/workflows/build-attested-image.yaml@refs/heads/main
```
- Create a kind cluster:

  ```sh
  kind create cluster
  ```

- Install Kyverno:

  ```sh
  helm install kyverno kyverno/kyverno -n kyverno --create-namespace
  ```

  Note: to verify images from a private GitHub repository, install the GitHub TrustRoot by passing the values file:

  ```sh
  helm install kyverno kyverno/kyverno -n kyverno --create-namespace --values manifests/values.yaml
  ```

- Apply the Kyverno policy to the cluster:

  ```sh
  kubectl create -f manifests/policy.yaml
  ```

- Run the signed image:

  ```sh
  kubectl run demo --dry-run=server --image ghcr.io/nirmata/github-signing-demo:latest
  ```

  ```
  pod/demo created (server dry run)
  ```

- Run an unsigned image, and verify that it is blocked:

  ```sh
  kubectl run demo --dry-run=server --image nginx
  ```

  ```
  Error from server: admission webhook "mutate.kyverno.svc-fail" denied the request:

  resource Pod/default/demo was blocked due to the following policies

  sigstore-image-verification:
    sigstore-image-verification: 'failed to verify image docker.io/nginx:latest: .attestors[0].entries[0].keyless:
      sigstore bundle verification failed: no matching signatures found'
  ```
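For reference, here is an illustrative Kyverno ClusterPolicy of the kind the `manifests/policy.yaml` step applies. It is an added example, not the repository's own manifest: the predicate type and workflow subject are taken from the verification commands above, while the GitHub Actions OIDC issuer, the public Rekor URL and the SLSA `buildType` condition are assumptions about a public-repository setup.

```yaml
apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  # same name as in the denial message shown above
  name: sigstore-image-verification
spec:
  # Enforce blocks non-compliant Pods instead of only auditing them
  validationFailureAction: Enforce
  # bundle and transparency-log lookups can take a few seconds
  webhookTimeoutSeconds: 30
  background: false
  rules:
    - name: sigstore-image-verification
      match:
        any:
          - resources:
              kinds:
                - Pod
      verifyImages:
        # "*" makes every image (including docker.io/nginx) subject to
        # verification, which is why the unsigned image is denied
        - imageReferences:
            - "*"
          # GitHub stores artifact attestations as Sigstore bundles
          type: SigstoreBundle
          attestations:
            - type: https://slsa.dev/provenance/v1
              attestors:
                - entries:
                    - keyless:
                        # assumed: OIDC issuer for GitHub Actions workflow identities
                        issuer: https://token.actions.githubusercontent.com
                        # pin to the exact workflow and branch that built the image
                        subject: https://github.com/nirmata/github-signing-demo/.github/workflows/build-attested-image.yaml@refs/heads/main
                        # assumed: public Sigstore transparency log (public repos)
                        rekor:
                          url: https://rekor.sigstore.dev
              conditions:
                - all:
                    # assumed: the SLSA v1 buildType GitHub records for workflow builds
                    - key: "{{ buildDefinition.buildType }}"
                      operator: Equals
                      value: "https://actions.github.io/buildtypes/workflow/v1"
```

Narrowing `imageReferences` to `ghcr.io/nirmata/github-signing-demo*` would let unrelated images through unverified, so the wildcard is what gives the "blocked" behaviour shown in the last step.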